Methods of attack on a content screening algorithm based on adulteration of marked content

ABSTRACT

Methods and apparatus for attacking a screening algorithm. The methods include the steps of marking content to be downloaded, inserting at least one section of legitimate content into the marked content, and subjecting the content to a screening algorithm. The screening algorithm may include the steps of determining a number of segments that are included within the content, selecting at least two segments within the content, screening the two segments to determine whether the two segments verify correctly through the screening algorithm, and downloading the content when it is determined that the two segments verify correctly through the screening algorithm. Once the content has been successfully downloaded, the integrity of the downloaded content may be restored by removing the legitimate content that was previously inserted into the downloaded content.

CROSS REFERENCE TO RELATED APPLICATION

[0001] This application claims priority to the U.S. provisional patentapplication identified by Ser. No. 60/279,639, filed on Mar. 29, 2001,the disclosure of which is incorporated by reference herein.

FIELD OF THE INVENTION

[0002] The present invention relates generally to the field of securecommunication, and more particularly to techniques for attacking acontent screening algorithm based on adulteration of marked content.

BACKGROUND OF THE INVENTION

[0003] Security is an increasingly important concern in the delivery ofmusic or other types of content over global communication networks suchas the Internet. More particularly, the successful implementation ofsuch network-based content delivery systems depends in large part onensuring that content providers receive appropriate copyright royaltiesand that the delivered content cannot be pirated or otherwise subjectedto unlawful exploitation.

[0004] With regard to delivery of music content, a cooperativedevelopment effort known as Secure Digital Music Initiative (SDMI) hasrecently been formed by leading recording industry and technologycompanies. The goal of SDMI is the development of an open, interoperablearchitecture for digital music security. This will answer consumerdemand for convenient accessibility to quality digital music, while alsoproviding copyright protection so as to protect investment in contentdevelopment and delivery. SDMI has produced a standard specification forportable music devices, the SDMI Portable Device Specification, Part 1,Version 1.0, 1999, and an amendment thereto issued later that year, eachof which are incorporated by reference. The longer-term effort of SDMIis currently working toward completion of an overall architecture fordelivery of digital music in all forms.

[0005] The illicit distribution of copyright material deprives theholder of the copyright legitimate royalties for this material, andcould provide the supplier of this illicitly distributed material withgains that encourage continued illicit distributions. In light of theease of information transfer provided by the Internet, content that isintended to be copy-protected, such as artistic renderings or othermaterial having limited distribution rights, are susceptible towide-scale illicit distribution. For example, the MP3 format for storingand transmitting compressed audio files has made the wide-scaledistribution of audio recordings feasible, because a 30 or 40 megabytedigital audio recording of a song can be compressed into a 3 or 4megabyte MP3 file. Using a typical 56 kbps dial-up connection to theInternet, this MP3 file can be downloaded to a user's computer in a fewminutes. Thus, a malicious party could read songs from an original andlegitimate CD, encode the songs into MP3 format, and place the MP3encoded song on the Internet for wide-scale illicit distribution.Alternatively, the malicious party could provide a direct dial-inservice for downloading the MP3 encoded song. The illicit copy of theMP3 encoded song can be subsequently rendered by software or hardwaredevices, or can be decompressed and stored onto a recordable CD forplayback on a conventional CD player.

[0006] A number of schemes have been proposed for limiting thereproduction of copy-protected content. SDMI and others advocate the useof “Digital Watermarks” to identify authorized content. U.S. Pat. No.5,933,798, “Detecting a watermark embedded in an information system,”issued Jul. 16, 1997 to Johan P. Linnartz, discloses a technique forwatermarking electronic content, and is incorporated by referenceherein. As in its paper watermark counterpart, a digital watermark isembedded in the content so as to be detectable, but unobtrusive. Anaudio playback of a digital music recording containing a watermark, forexample, will be substantially indistinguishable from a playback of thesame recording without the watermark. A watermark detection device,however, is able to distinguish these two recordings based on thepresence or absence of the watermark. Because some content may not becopy-protected and hence may not contain a watermark, the absence of awatermark cannot be used to distinguish legitimate from illegitimatematerial. On the contrary, the absence of a watermark is indicative ofcontent material that can be legitimately copied freely.

[0007] Other copy protection schemes are also available. For example,European patent EP983687A2, “Copy Protection Schemes for Copy-protectedDigital Material,” issued Mar. 8, 2000 to Johan P. Linnartz and Johan C.Talstra, presents a technique for the protection of copyright materialvia the use of a watermark “ticket” that controls the number of timesthe protected material may be rendered, and is incorporated by referenceherein.

[0008] An accurate reproduction of watermarked content will cause thewatermark to be reproduced in the copy of the watermarked content. Aninaccurate, or lossy reproduction of watermarked content, however, maynot provide a reproduction of the watermark in the copy of the content.A number of protection schemes, including those of the SDMI, have takenadvantage of this characteristic of lossy reproduction to distinguishlegitimate content from illegitimate content, based on the presence orabsence of an appropriate watermark. In the SDMI scenario, two types ofwatermarks are defined: “robust” watermarks, and “fragile” watermarks. Arobust watermark is one that is expected to survive a lossy reproductionthat is designed to retain a substantial portion of the originalcontent, such as an MP3 encoding of an audio recording. That is, if thereproduction retains sufficient information to allow a reasonablerendering of the original recording, the robust watermark will also beretained. A fragile watermark, on the other hand, is one that isexpected to be corrupted by a lossy reproduction or other illicittampering.

[0009] In the SDMI scheme, the presence of a robust watermark indicatesthat the content is copy-protected, and the absence or corruption of acorresponding fragile watermark when a robust watermark is presentindicates that the copy-protected content has been tampered with in somemanner. An SDMI compliant device is configured to refuse to renderwatermarked material with a corrupted watermark, or with a detectedrobust watermark but an absent fragile watermark, except if thecorruption or absence of the watermark is justified by an“SDMI-certified” process, such as an SDMI compression of copy-protectedcontent for use on a portable player. For ease of reference andunderstanding, the term “render” is used herein to include anyprocessing or transferring of the content, such as playing, recording,converting, validating, storing, loading, and the like. This schemeserves to limit the distribution of content via MP3 or other compressiontechniques, but does not affect the distribution of counterfeitunaltered (uncompressed) reproductions of content material. This limitedprotection is deemed commercially viable, because the cost andinconvenience of downloading an extremely large file to obtain a songwill tend to discourage the theft of uncompressed content.

[0010] Despite SDMI and other ongoing efforts, existing techniques forsecure distribution of music and other content suffer from a number ofsignificant drawbacks. For example, SDMI Lite has recently proposed theuse of a new screening algorithm referred to as SDMI Lite. The SDMI Litealgorithm essentially screens only two sections of the content which isbeing downloaded. Thus, prior to adopting this screening approachindustry wide, methods must be identified which would successfullycircumvent the proposed screening algorithm.

SUMMARY OF THE INVENTION

[0011] The present invention in an illustrative embodiment provides amethod of attacking and circumventing the proposed SDMI Lite screeningalgorithm as described herein. The method is based on the concept ofadulteration of content to the point where the attacker's chance ofsuccessfully admitting the illicit content is greatly improved.

[0012] An advantage of the present invention is that it identifies atleast one fault in a security screening algorithm. It is only throughthe detection and identification of faults that the underlying screeningalgorithm can be improved to provide convenient, efficient andcost-effective protection for all content providers.

[0013] In accordance with one aspect of the invention, a method ofattacking a screening algorithm includes the steps of identifyingcontent to be downloaded, inserting at least one section of legitimatecontent into the content to be downloaded, and subjecting the content tobe downloaded, having the section of legitimate content insertedtherein, to a screening algorithm. The screening algorithm in theillustrative embodiment includes the steps of determining a number ofe.g., fifteen second sections that are included within the content to bedownloaded, selecting at least two segments within the content to bedownloaded, screening the two segments to determine whether the twosegments verify correctly through the screening algorithm, anddownloading the content to be downloaded when it is determined that thetwo segments verify correctly through the screening algorithm. Once thecontent has been successfully downloaded, the integrity of thedownloaded content may be restored by removing the legitimate contentthat was previously inserted into the downloaded content.

[0014] These and other features and advantages of the present inventionwill become more apparent from the accompanying drawings and thefollowing detailed description.

BRIEF DESCRIPTION OF THE DRAWINGS

[0015]FIG. 1 is a schematic diagram illustrating a general overview ofthe present invention;

[0016]FIG. 2 is a flow diagram illustrating the steps of a method ofattack on an SDMI screening algorithm based on adulteration of markedcontent in accordance with an illustrative embodiment of the presentinvention; and

[0017]FIG. 3 is a table illustrating the probabilities of success for anattacker when undertaking to download illicit material.

DETAILED DESCRIPTION OF THE INVENTION

[0018] The present invention provides methods which attack andcircumvent screening algorithms that rely on a sampling of data, and,specifically, the proposed SDMI Lite screening algorithm as describedherein. The methods are based on the concept of adulteration of contentto the point where the attacker's chances of successfully admitting theillicit content are greatly improved.

[0019] Advantageously, the methods of the invention detect faults in theproposed security screening algorithm. It is only through the detectionand identification of faults that the underlying screening algorithm canbe improved to provide convenient, efficient and cost-effectiveprotection for all content providers.

[0020] One goal of SDMI is to prevent the unlawful and illicitdistribution of content on the Internet. In an attempt to accomplishthis goal, SDMI has proposed methods of screening content that has beenmarked to be downloaded. One such proposal is the previously-mentionedSDMI Lite screening algorithm. Generally, the SDMI Lite screeningalgorithm randomly screens a predetermined number of sections of themarked content to determine whether the content is legitimate. However,the proposed SDMI Lite screening algorithm checks only two sections ofthe content being downloaded. Therefore, for a song which is threeminutes in length, only thirty seconds of the song is being checked(assuming fifteen second test sections). The thirty seconds representsonly one-sixth of the total content of the song. The new SDMI Litescreening algorithm was proposed in an attempt to increase theperformance of SDMI.

[0021] Generally, the present invention is achieved by initiating anadulteration attack by inserting sections of other content into theillicit song. The inserted sections are self-consistent in the sensethat, if the inserted section is selected by the screening algorithm,the inserted section will verify correctly through the SDMI Litealgorithm and other content-based screening algorithms such as theCDSafe algorithm. The CDSafe algorithm is described more fully inpending U.S. patent application Ser. No. 09/536,944, filed Mar, 28,2000, in the name of inventors Toine Staring, Michael Epstein and MartinRosner, entitled “Protecting Content from Illicit Reproduction by Proofof Existence of a Complete Data Set via Self-Referencing Sections,” andis incorporated by reference herein.

[0022] More specifically, with reference to FIG. 1 and in accordancewith the present invention, one method of attacking the proposed SDMILite screening algorithm and the CDSafe algorithm is to “adulterate” thecontent that is proposed to be downloaded from an external source suchas, for example, the Internet 10. As used herein, the term “adulterate”refers to the act of inserting music 18 from a song that is known to belegitimate into a song that the attacker knows to be illegitimate suchthat the illegitimate content 12 will pass the screening algorithm 14.That is, if the screening algorithm 14 can be tricked into believingthat the proposed content to be downloaded is in fact a different songthan the song that is actually being downloaded, then the screeningalgorithm 14 will allow the content 12 to be downloaded despite the factthat some portion of the downloaded content is actually being illegallydistributed. Although illustrated as a separate element, screeningalgorithm 14 may be resident within memory within the personal computer16, and executed by a processor of the personal computer 16. Once thecontent is downloaded, it may be written to a compact disk, personaldigital assistant (PDA) or other device such as a memory coupled to orotherwise associated with a personal computer 16. At this point, theinserted (adulteration) material may be removed to restore the integrityof the illicit content. Although shown in FIG. 1 as a personal computer,element 16 may be implemented as a PDA, digital music player, wirelesstelephone or any other device having a processor and associated memory.

[0023] The method of attack described herein is made possible since onlya small portion of the marked content is being screened. This type ofattack would not be possible if every section of the marked content werescreened to ensure that it is part of legitimate content. Since only twosections of the marked content are being screened, the screeningalgorithm is susceptible to being circumvented in accordance with thetype of attack described herein. In the following discussion the term“segment” will be used to indicate a contiguous block of contentcontaining one or more sections of content.

[0024] In an embodiment of the method of the present invention, twosections from the marked content will be chosen during the screeningprocess. One section will be chosen from the beginning of the song andthe other section will be chosen at random. Each of the sections will bereplaced by segments of silence. Thus, during the screening process, ifsections are chosen from within these two silence segments, the contentwill be permitted to be downloaded. Unmarked silence is accepted aslegacy content according to the SDMI rules.

[0025] In another embodiment of the method of the present invention, andlikely the most simplistic embodiment, the downloaded content may beadulterated by inserting a section of silence at the beginning of thesong and a large segment of silence at the end of the song. Since asilence section has been placed at the beginning of the song, the firstsection chosen would certainly be silence and labeled as unmarked, thelarge amount of silence at the end of the song would create an excellentlikelihood that the other (random) section would also contain silence aswell. Thus, during the screening process, if two silence sections arechosen, the content will be permitted to be downloaded.

[0026] Referring now to FIG. 2, a flow diagram is shown illustrating thesteps of the method of attack on a SDMI screening algorithm based onadulteration of the screened content in accordance with anotherillustrative embodiment of the present invention.

[0027] In step 100, the attacker will identify and mark content on theInternet which the attacker knows to be data that will not pass thescreening of SDMI. The marked content is represented as content 12 inFIG. 1. Therefore, in step 110, in accordance with the presentinvention, the attacker will insert two segments of legitimate contentinto the data from the Internet which was identified in step 100. Thelegitimate content is illustrated in FIG. 1 as reference numeral 18. Itis contemplated that larger or smaller segments of legitimate contentmay be inserted into the illegitimate content as will be described belowwith reference to FIG. 3. Upon completion of step 110, the attacker isready to enter the SDMI screening process, as indicated by referencenumeral 120.

[0028] Commencing the screening process, as indicated in step 130, adetermination is made regarding the number of fifteen second segmentsthat exist in the content that is to be downloaded. In step 140, a firstsegment is then identified and screened to determine whether the contentpasses the SDMI screening requirements. If an illegitimate segment isdetected, the content will be rejected, as indicated by step 150. If,however, one of the two legitimate segments that were added by theattacker is detected, the content will pass the first part of thescreening process. In step 160, the SDMI screening process identifies asecond segment to be tested. If the section is found to be legitimate,the content will pass the screening process and will be permitted to bedownloaded as indicated by step 180. If there is a failure at step 140or step 160 then the attacker will make another attempt as indicated bythe retry arrow returning from step 150 to step 120.

[0029] Although the method of circumventing the proposed SDMI Litescreening algorithm will not guarantee rapid success to the attacker,the likelihood that the attacker will be able to successfully downloadillegitimate content increases with the percentage of adulteratedcontent. For example, where the attacker attempts to insert an illicitsong after one section of a legitimate song, the probability ofretrieving a legitimate section twice (thereby circumventing the SDMIscreening algorithm) may be calculated using the following equation:

P=(1/x)²

[0030] where P equals the probability of retrieving a legitimate sectiontwice, and x equals the number of sections in the illicit song.

[0031] Likewise, when an attacker attempts to randomly insert twolegitimate sections inside the illicit song, the probability ofretrieving a legitimate section twice may be calculated using thefollowing equation:

P=(2/x)²

[0032] where P equals the probability of retrieving a legitimate sectiontwice, and x equals the number of sections in the illicit song.

[0033] Thus, for example, if an attacker attempts to randomly insert anextra minute into a two minute selected song, the probability ofretrieving a legitimate section twice is equal to (4/12)² or elevenpercent (11%); where the number four (4) represents the number offifteen second sections in the extra minute of legitimate content addedby the attacker, and the number twelve (12) represents the number ofsections (eight (8)) in the original two-minute illicit song plus thenumber of sections (four (4)) in the extra minute of legitimate contentadded by the attacker.

[0034]FIG. 3 is a table illustrating the probability of success for anattacker when attempting to download illicit material. Morespecifically, FIG. 3 lists the probabilities of downloading a pluralityof different length illicit songs as a function of the number oflegitimate sections present in the illicit song. The vertical axis liststhe number of legitimate sections present in a song and the horizontalaxis lists the various song lengths by seconds and number of fifteensecond sections within the total song length. The probabilities listedin FIG. 3 are based on the assumption that the screening algorithmchecks only two sections of each song.

[0035] As an example, with reference to FIG. 3, if the song length is120 seconds (two minutes) and five (5) of the sections are legitimatesections that have been combined with three (3) sections of illegitimatemarked content inserted into the song, the probability of getting thesong (including the marked content) through the screening process isthirty-nine percent (39.1%).

[0036] The above-described embodiments of the invention are intended tobe illustrative only. For example, although the present invention hasbeen described with reference to the content constituting a single song,the invention is equally applicable to the download of an entire compactdisk, as well as numerous other types of content. These and numerousother embodiments within the scope of the following claims will beapparent to those skilled in the art.

What is claimed is:
 1. A method of attacking a screening algorithm, themethod comprising the steps of: marking content to be downloaded;inserting at least one section of legitimate content into the markedcontent; and subjecting the marked content, having the at least onesection of legitimate content inserted therein, to a screeningalgorithm.
 2. The method of attacking a screening algorithm as recitedin claim 1 wherein the screening algorithm is a Secure Digital MusicInitiative screening algorithm.
 3. The method of attacking a screeningalgorithm as recited in claim 1 wherein the screening algorithm relieson a sampling of data contained within the marked content.
 4. The methodof attacking a screening algorithm as recited in claim 1 wherein themarked content is downloaded from the Internet.
 5. The method ofattacking a screening algorithm as recited in claim 1 further comprisingthe step of writing the downloaded content to a memory device.
 6. Themethod of attacking a screening algorithm as recited in claim 1 furthercomprising the step of restoring the integrity of the marked content byremoving the legitimate content inserted into the marked content.
 7. Themethod of attacking a screening algorithm as recited in claim 1 whereinthe screening process includes the step of determining a number ofsegments of a predetermined duration of time which are included withinthe marked content having the at least one section of legitimate contentinserted therein.
 8. The method of attacking a screening algorithm asrecited in claim 7 wherein the screening process further includes thesteps of selecting at least two segments within the marked content;screening the at least two segments to determine whether the at leasttwo segments verify correctly through the screening algorithm; anddownloading the marked content when it is determined that the at leasttwo segments verify correctly through the screening algorithm.
 9. Themethod of attacking a screening algorithm as recited in claim 7 whereinthe predetermined duration of time is fifteen seconds.
 10. The method ofattacking a screening algorithm as recited in claim 1 wherein the atleast one section of legitimate content inserted into the marked contentis a section of silence.
 11. An apparatus for attacking a screeningalgorithm comprising: a processor device for marking content to bedownloaded and for inserting at least one section of legitimate contentinto the marked content, wherein the marked content having at least onesection of legitimate content therein is subjected to a screeningalgorithm.
 12. The apparatus for attacking a screening algorithm asrecited in claim 11, further comprising: a memory device associated withthe processor device storing the content when the content passes throughthe screening algorithm.
 13. The apparatus for attacking a screeningalgorithm as recited in claim 11, wherein the screening algorithm relieson a sampling of data contained within the marked content.
 14. Anarticle of manufacture for attacking a screening algorithm, the articlecomprising a machine readable medium containing one or more programswhich when executed implement the steps of: marking content to bedownloaded; inserting at least one section of legitimate content intothe marked content; and subjecting the marked content, having the atleast one section of legitimate content inserted therein, to a screeningalgorithm.
 15. The article of manufacture for attacking a screeningalgorithm as recited in claim 14 wherein the screening algorithm is aSecure Digital Music Initiative screening algorithm.
 16. The article ofmanufacture for attacking a screening algorithm as recited in claim 14wherein the screening algorithm relies on a sampling of data containedwithin the marked content.
 17. The article of manufacture for attackinga screening algorithm as recited in claim 14 further comprising the stepof writing the downloaded content to a memory device.
 18. The article ofmanufacture for attacking a screening algorithm as recited in claim 14further comprising the step of restoring the integrity of the markedcontent by removing the legitimate content inserted into the markedcontent.
 19. The article of manufacture for attacking a screeningalgorithm as recited in claim 14 wherein the screening process includesthe step of determining a number of segments of a predetermined durationof time which are included within the marked content having the at leastone section of legitimate content inserted therein.
 20. The article ofmanufacture for attacking a screening algorithm as recited in claim 19wherein the screening process further includes the steps of selecting atleast two segments within the marked content; screening the at least twosegments to determine whether the at least two segments verify correctlythrough the screening algorithm; and downloading the marked content whenit is determined that the at least two segments verify correctly throughthe screening algorithm.